SCAM ALERT - Urgent Fraud / Scam / Phishing / Social Engineering Security Warning

In the past few weeks, Hilltop Consultants has seen an increase in fraudulent emails soliciting funds transfers from our clients. The requestor of the transfer will obtain information about the business in order to send a convincing request. In two recent cases, the requestor created an email address similar to the CEO of the business. They then sent an email to either the CFO or another member of the finance team. The email requested a transfer of funds to an overseas bank account.

Many businesses place the names of their management on their website. This information is also available through online directories. This makes it very easy for cyber criminals to find the information.

In one case, the requestor of the funds impersonated the domain name of the business, and simply added an extra letter to the domain. They then used the name of the CEO with the new domain name in the request. Example: This email address is being protected from spambots. You need JavaScript enabled to view it. instead of This email address is being protected from spambots. You need JavaScript enabled to view it.. Notice the extra 'h' in hilltopconsultants.com.

In another case, the requestor used a completely different email address, but used the name of the CEO in the contact information as well as the signature block.

Please instruct your finance team to be on the lookout for emails such as these. They should always question requests for funds, passwords, or other private information.

Please contact the Hilltop team if you have questions, concerns, or have fallen victim to this threat. 1 (877) 365-8324